From c214b26ee6e32ee9769019fd3fa27457e26f85eb Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Mon, 19 Nov 2007 22:34:48 +0000
Subject: [PATCH] * libmisc/salt.c (MAGNUM): Terminate the array with nul (the
 array   is then used with strcat). * libmisc/salt.c (crypt_make_salt):
 Initialize result[0] to nul at   the beginning (was not initialized when
 USE_PAM). * libmisc/salt.c (crypt_make_salt): Check that ENCRYPT_METHOD is a 
  valid crypt method.

---
 ChangeLog      |  9 +++++++++
 libmisc/salt.c | 18 ++++++++++++------
 2 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 541e3982..6195cfc8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c (MAGNUM): Terminate the array with nul (the array
+	is then used with strcat).
+	* libmisc/salt.c (crypt_make_salt): Initialize result[0] to nul at
+	the beginning (was not initialized when USE_PAM).
+	* libmisc/salt.c (crypt_make_salt): Check that ENCRYPT_METHOD is a
+	valid crypt method.
+
 2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
 
 	* NEWS, libmisc/obscure.c, libmisc/salt.c, src/passwd.c,
diff --git a/libmisc/salt.c b/libmisc/salt.c
index 21269902..9f36ec7a 100644
--- a/libmisc/salt.c
+++ b/libmisc/salt.c
@@ -59,7 +59,9 @@ char *l64a(long value)
  * version of crypt() instead of the standard one.
  */
 
-#define MAGNUM(array,ch) (array)[0]= (array)[2] = '$',(array)[1]=(ch)
+#define MAGNUM(array,ch)	(array)[0]= (array)[2] = '$',\
+				(array)[1]=(ch),\
+				(array)[2]='\0'
 
 char *crypt_make_salt (void)
 {
@@ -68,6 +70,8 @@ char *crypt_make_salt (void)
 	int max_salt_len = 8;
 	char *method;
 
+	result[0] = '\0';
+
 #ifndef USE_PAM
 #ifdef ENCRYPTMETHOD_SELECT
 	if ((method = getdef_str ("ENCRYPT_METHOD")) == NULL) {
@@ -75,8 +79,7 @@ char *crypt_make_salt (void)
 		if (getdef_bool ("MD5_CRYPT_ENAB")) {
 			MAGNUM(result,'1');
 			max_salt_len = 11;
-		} else
-			result[0] = '\0';
+		}
 #ifdef ENCRYPTMETHOD_SELECT
 	} else {
 		if (!strncmp (method, "MD5", 3)) {
@@ -88,10 +91,13 @@ char *crypt_make_salt (void)
 		} else if (!strncmp (method, "SHA512", 6)) {
 			MAGNUM(result, '6');
 			max_salt_len = 11; /* XXX: should not be fixed */
-		} else if (!strncmp (method, "DES", 3))
-			result[0] = '\0';
-		else
+		} else if (0 != strncmp (method, "DES", 3)) {
+			fprintf (stderr,
+				 _("Invalid ENCRYPT_METHOD value: '%s'.\n"
+				   "Defaulting to DES.\n"),
+				 method);
 			result[0] = '\0';
+		}
 	}
 #endif				/* ENCRYPTMETHOD_SELECT */
 #endif				/* USE_PAM */